Coder Social home page Coder Social logo

hvsharma12 / pam_pwd Goto Github PK

View Code? Open in Web Editor NEW

This project forked from linux-system-roles/pam_pwd

0.0 0.0 0.0 137 KB

Ansible role for PAM password policy management

Home Page: https://linux-system-roles.github.io/pam_pwd/

License: MIT License

Shell 14.08% JavaScript 12.42% HTML 68.20% Jinja 5.30%

pam_pwd's Introduction

pam_pwd

ansible-lint.yml ansible-test.yml markdownlint.yml tft.yml tft_citest_bad.yml woke.yml

This role configures PAM to implement a password policy to meet requirements like minimum password length, complexity, keep password history, etc. It supports:

  • Fedora >= 35
  • RHEL 7
  • RHEL 8
  • RHEL 9 Beta
  • CentOS 7
  • CentOS Stream 8
  • CentOS Stream 9

The role was tested with the following versions of Ansible:

  • ansible-core 2.11
  • ansible-core 2.12

To use this role you have to specify the role variables which are described below.

Requirements

None.

Role Variables

Here you find a description of all input variables (i.e. variables that are defined in defaults/main.yml) for the role as these form the API of the role. The following code block shows all necessary input variables and their default values. They are specified in defaults/main.yml.

pam_pwd_minlen: "12" # defines the minimum acceptable size for a password.
pam_pwd_history: "5" # defines the number of previous passwords which cannot be used.
pam_pwd_dcredit: "-1" # defines minimum credit for having required digits in password.
pam_pwd_ucredit: "-1" # defines minimum credit for having uppercase characters in password.
pam_pwd_lcredit: "-1" # defines minimum credit for having lowercase characters in password.
pam_pwd_ocredit: "-1" # defines minimum credit for having other characters in password.
pam_pwd_minclass: "4" # defines minium number of required character classes in new password.
pam_pwd_enforce_root: "enforce_for_root" # (""|"enforce_for_root") defines whether or not to enforce password complexity for user root.
pam_pwd_policy_name: "password-policy" # RHEL 8 only. Define name of the custom authselect profile.
pam_pwd_deny: "5" # Set the number of failed login attempts after which the account is locked.
pam_pwd_unlock_time: "300" # Time in seconds after which an account is unlocked again.

You can keep these default values if they fit your requirements. Or you can overwrite the defaults by specifiny some or all of them in places like vars/main.yml, group_vars/, host_vars/ or your playbook.

Example Playbook

The following code block shows the simplest playbook to run this role:

- name: Manage pam password
  hosts: all
  roles:
    - linux-system-roles.pam_pwd

More examples can be found in the examples/ directory.

License

MIT.

Author Information

Author: Joerg Kastning
Contact: [email protected]

pam_pwd's People

Contributors

richm avatar tronde avatar spetrosi avatar dependabot[bot] avatar nhosoi avatar ukulekek avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.